If I have a JWT token signed by HS256 algorithm (symmetric compared with RS256), how should I configure the JWTRule
in RequestAuthentication
to verify it?
If I know it is signed by using some secret <some private secret>
, where should I put it in the yaml?
Should I inline it in jwks
field? If so, how should I generate such an inline jwks
?